Overview

overview

8

Static

static

4a151d71a0...f7.exe

windows7-x64

8

4a151d71a0...f7.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4a151d71a0be47145a953900bc9706b0fc06716cdc4491867f635c495161d8f7

  • Size

    120KB

  • Sample

    221030-vdvevaagc2

  • MD5

    824ffdfeecc78ec92cf514e1134a7e96

  • SHA1

    7d3cd7c7ad049aca613e9b4cda8f7974ee712c81

  • SHA256

    4a151d71a0be47145a953900bc9706b0fc06716cdc4491867f635c495161d8f7

  • SHA512

    66a6d61e6916f89680e2e98374bb2bf23e7188f26d2237567c519f899702d23fae121bee33df19d96a36eccec993c0f2927fcf58dd74b1abe0a945dea9143d1a

  • SSDEEP

    1536:QIDThSFWEv7NyArVF3qmRIjbPT6XpOPzmsLPtTh0PE:phSFWETNykFaygbipEzLLPRh0M

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      4a151d71a0be47145a953900bc9706b0fc06716cdc4491867f635c495161d8f7

    • Size

      120KB

    • MD5

      824ffdfeecc78ec92cf514e1134a7e96

    • SHA1

      7d3cd7c7ad049aca613e9b4cda8f7974ee712c81

    • SHA256

      4a151d71a0be47145a953900bc9706b0fc06716cdc4491867f635c495161d8f7

    • SHA512

      66a6d61e6916f89680e2e98374bb2bf23e7188f26d2237567c519f899702d23fae121bee33df19d96a36eccec993c0f2927fcf58dd74b1abe0a945dea9143d1a

    • SSDEEP

      1536:QIDThSFWEv7NyArVF3qmRIjbPT6XpOPzmsLPtTh0PE:phSFWETNykFaygbipEzLLPRh0M

    Score
    8/10
    persistenceupx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks